Abstract: In blockchain systems, stateful data are stored globally and sequentially in the form of key-value pairs. Indeed, in addition to being one-dimensional, values can be multi-dimensional. However, in blockchain systems, existing works only consider one-dimensional data to implement indexing approaches, as a result, these approaches perform poorly when extended to multi-dimensional and historical data. To overcome these issues, in this paper we propose two new indexing models for blockchain. Additionally, we investigate the use of bloom filters to enhance user privacy when searching for specific items within the blockchain. The first model is Two-tier Deterministic Appended Only Skip List (TDASL) that improves from LineageChain (Ruan et al., 2019, 2021) by using an additional indexing layer on top of a skip list to quickly retrieve the state versions and by using prefixes to query multi-dimensional state versions. The second model is Predefined Partitioned B-plus Tree (PPBPT), which paves the way of adopting B-plus tree in blockchain by addressing the challenge of its heavy reconstruction cost upon updates. To do so, PPBPT copies a predefined B-plus tree, which is used for generating indexes for blockchain historical data, thereby reducing reconstruction costs. We conduct extensive experiments to verify the effectiveness of the proposed approaches under various parameter settings.

Bio: Bikash Chandra Singh currently holds the position of Research Assistant Professor at the School of Cybersecurity, Old Dominion University, Virginia, USA. Previously, he served as a post-doctoral research associate at the Virginia Modelling, Analysis and Simulation Center (VMASC) from November 01, 2022, to September 2023. Prior to this, he was an Associate Professor in the Department of Information and Communication Technology at Islamic University, Bangladesh. Dr. Singh also conducted post-doctoral research at the Department of Electronics and Information Engineering at the Hong Kong Polytechnic University from January 4, 2021, to April 16, 2022. He earned his Doctor of Philosophy (PhD) in Computer Science from the University of Insubria, Italy. His research interests include data privacy and security, differential privacy, machine learning, big data analysis, online social network analysis, 5G systems, cybersecurity in supply chain, and distributed networks, with a particular focus on blockchain technology.

Abstract: IoT environments have complex physical interactions between actuators and sensors that create new classes of app interaction vulnerabilities. For instance, an app that turns on the heater interacts with another app that opens the window when the temperature exceeds a threshold and may result in opening the window when the residents are not at home. Unfortunately, existing IoT security measures fail to achieve sufficient fidelity to uncover these vulnerabilities, causing poor accuracy and false alarms. In this talk, I will introduce IoTSeer, which combines app code analysis and dynamic analysis with new security policies to discover physical interaction vulnerabilities among IoT apps. IoTSeer first models each IoT app’s physical behavior through hybrid modeling and proposed a new composition algorithm to construct a model that describes the joint physical behavior of apps. It then leverages optimization-guided falsification to validate if the apps’ composite model adheres to a set of safety and security policies represented with metric temporal logic. Through this effort, we develop formal techniques and tools that enable developers to build safe and secure IoT environments.

Bio: Muslum Ozgur Ozmen is a Ph.D. candidate in the Department of Computer Science at Purdue University, where he is advised by Professor Z. Berkay Celik. He has researched a variety of topics, including IoT security and privacy, mobile robot and self-driving car security, and lightweight cryptography. He received the Diamond Award for academic excellence from the Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University. He served at the student advisory council of NSF AI Institute for Agent-based Cyber Threat Intelligence and Operation (ACTION) as the Purdue representative in 2023-2024. He also interned with the cyber-physical systems research team at the Toyota Research Institute North America. He will join SCAI at ASU as an assistant professor in Fall 2024. More information can be obtained at https://ozgurozmen.github.io/.

Abstract: New cyber-physical systems (CPSs) that integrate the physical and digital (cyber) spaces must be protected on critical infrastructures. The CPS is going to experience big changes. Cyber-physical systems are as core an integral part of Industry 4.0. These systems comprise computational and physical systems that combine engineering models and methods with computer science methodologies. CPS is related to IoT, and both integrate digital computing including network connectivity, physical devices, and systems. Industry 4.0 is emerging with the use of IoT and software-centric technologies across cyber-physical operations, which leads to a larger attack surface and cyberattacks in smart systems. The fourth revolution is creating intelligent systems, connected machines, and networks that can independently exchange information, trigger actions, and control each other autonomously.

Bio: Dr. Lida Haghnegahdar is an Assistant Professor in the Cybersecurity School at Old Dominion University (ODU). She was a recipient of the innovational scientist fellowship to work with the industry on systems optimization projects. Previously, she served as a post-doctoral research scientist at the Center for Agile and Adaptive Additive Manufacturing Center (CAAAM) at the University of North Texas. Her main research interest involves smart manufacturing, cyber- physical systems, cybersecurity, digital supply chain, IoT cloud, smart grid, and distributed systems. Her research focuses on systems computation, intrusion detection, and smart systems that are making lasting impacts considering artificial intelligence (AI) and data analysis

applications.

Abstract: As healthcare systems become increasingly dependent on electronic health records and various digital platforms for managing patient data, ensuring the privacy and security of this sensitive information has become a paramount concern. In this talk, I will outline the main threats to health data privacy, along with the evolving legal frameworks and standards, such as HIPAA, that govern its use. I will also share initial results from a controlled experiment involving over 80 students, highlighting the critical role of education and technology in enforcing robust patient privacy protections. Furthermore, I will explore innovative technologies and practices that are emerging to protect and manage health data. This discussion aims to shed light on how healthcare providers, policymakers, and technologists can work together to develop more secure and private systems for health data management.  

Bio: Hailong Zhang is an Assistant Collegiate Professor in the Business Information Technology Department. He received his Ph.D. in Computer Science and Engineering from the Ohio State University in 2020. Prior to joining VT, he worked as an Assistant Professor in the Department of Computer and Information Sciences at Fordham University. His research interest lies in the general area of security and privacy, where he bridges business, technology, and public policy and law. His research has been published in top-tier computer science conferences and peer-reviewed journals, including USENIX Security Symposium, the International Conference on Software Engineering.

Abstract: With hardware support, confidential computing (CC) is one of the promising solutions for efficient privacy-preserving computing on the cloud. However, the current commercial confidential computing platforms are limited to CPUs and very recently GPUs. Not all the devices will have hardware CC support immediately. In the first part of the talk, I will present SecNDP, a lightweight encryption and verification scheme for a trusted CPU to leverage untrusted Near-Data Processing (NDP) devices to perform computation over ciphertext and verify the correctness of linear operations. Our evaluation shows that SecNDP has performance speedup and energy savings compared with a secure CPU baseline. In the second part of the talk, I will talk about our ongoing work on the analysis of the potential leakages in confidential computing platforms and software mitigations.

Bio: Wenjie Xiong is an Assistant Professor at Virginia Tech. She received her Ph.D. in the Department of Electrical Engineering at Yale University in May 2020, advised by Prof. Jakub Szefer. Her research interests are in computer architecture and hardware security, where she leverages hardware features to enhance the security of computer systems as well as identify and mitigate security vulnerabilities that are rooted in the hardware designs. Her work on covert channel attacks on cache replacement states was selected as an Honorable Mention of IEEE Micro Top Picks 2021 and the featured paper of IEEE Transactions on Computers (TC). Her earlier work on run-time accessible DRAM PUFs was selected as the Top Picks in Hardware and Embedded Security 2019. More details at https://computing.ece.vt.edu/~wenjiex/.